Using helpers in a view escapes the html?

Posted 2019-07-27 04:15

In my Ruby on Rails app I have to use recursion to render nested comments.

Because of this I decided to offload the rendering into a function in a helper.

The basic structure of the function is like this:

def display_comments(tree)
    to_render = ""
    # Render this comment's partial, then recurse into its children
    to_render << render({:partial => 'comment', :locals => {:body => tree[:body]}})
    tree[:children].each do |child|
        to_render << display_comments(child)
    end
    return to_render
end

and in the view I call it like this:

<% if comment_forest.length > 0 %>
    <% comment_forest.each do |tree| %>
        <%= display_comments(tree) %>
    <% end %>
<% end %>

However, on the webpage, rails escapes all the html and it ends up looking like this:

[screenshot of the page showing the escaped HTML]

1 answer
chillily
#2 · 2019-07-27 04:28

You probably want to call html_safe before you return. The sanitization behavior changed a bit in Rails 3 (XSS protection was enabled by default), so you may also want to check out this SO discussion of raw, h, and html_safe, which links to Yehuda Katz's explanation of SafeBuffers in Rails 3.
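
The SafeBuffer behaviour the answer refers to, as an added example that is not part of the original post and not Rails' own code: `MiniSafeBuffer`, `render_comment`, `erb_output`, `safe?` and the `:author` field are hypothetical stand-ins in plain Ruby. It shows why the question's helper output gets escaped, and how accumulating into a safe buffer still escapes raw strings that `html_safe` on the finished string would pass through.

```ruby
require "erb"

def safe?(value)
  value.respond_to?(:html_safe?) && value.html_safe?
end

# Minimal stand-in for ActiveSupport::SafeBuffer (assumption: it models only
# the "escape unmarked strings on append" rule, not the real class).
class MiniSafeBuffer < String
  def html_safe?
    true
  end

  def <<(other)
    super(safe?(other) ? other : ERB::Util.html_escape(other))
  end
end

# Hypothetical stand-in for render(:partial => 'comment'): template markup is
# trusted, the user-supplied body is escaped, the result is marked safe.
def render_comment(body)
  MiniSafeBuffer.new("<li>#{ERB::Util.html_escape(body)}</li>")
end

# What <%= value %> emits: safe buffers verbatim, everything else escaped.
def erb_output(value)
  safe?(value) ? value.to_s : ERB::Util.html_escape(value)
end

# Recursive helper; `acc` selects the accumulator class. :author is a
# hypothetical raw field appended by the helper itself, not by the partial.
def display_comments(tree, acc)
  out = acc.new("")
  out << render_comment(tree[:body])
  out << tree[:author]
  tree[:children].each { |child| out << display_comments(child, acc) }
  out
end

# Constructed sample input.
TREE = { body: "<b>hi</b>", author: "<i>eve</i>",
         children: [{ body: "reply", author: "bob", children: [] }] }

plain = display_comments(TREE, String)               # the question's helper
PLAIN_VIEW  = erb_output(plain)                      # whole string escaped again
MARKED_VIEW = erb_output(MiniSafeBuffer.new(plain))  # models plain.html_safe
SAFE_VIEW   = erb_output(display_comments(TREE, MiniSafeBuffer))

puts PLAIN_VIEW, MARKED_VIEW, SAFE_VIEW
```

In a real Rails helper the third variant corresponds to starting from `ActiveSupport::SafeBuffer.new` (or using `safe_join`) instead of `""`.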
